Linked by Thom Holwerda on Mon 21st Dec 2015 22:27 UTC, submitted by Alfman
Privacy, Security, Encryption

On Thursday, tech giant Juniper Networks revealed in a startling announcement that it had found "unauthorized" code embedded in an operating system running on some of its firewalls.

The code, which appears to have been in multiple versions of the company's ScreenOS software going back to at least August 2012, would have allowed attackers to take complete control of Juniper NetScreen firewalls running the affected software. It also would allow attackers, if they had ample resources and skills, to separately decrypt encrypted traffic running through the Virtual Private Network, or VPN, on the firewalls.

[...]

The security community is particularly alarmed because at least one of the backdoors appears to be the work of a sophisticated nation-state attacker.

Merry Christmas, everybody.

RE[3]: August 2012
by pepa on Wed 23rd Dec 2015 05:09 UTC in reply to "RE[2]: August 2012"
pepa Member since: 2005-07-08

The encryption is only securing its content when it's not decrypted, i.e. when it's off. When the encrypted filesystem is decrypted and mounted, it's of course fully accessible.

Reply Parent Score: 3

RE[4]: August 2012
by avgalen on Wed 23rd Dec 2015 09:51 in reply to "RE[3]: August 2012"
avgalen Member since: 2010-09-23

The encryption is only securing its content when it's not decrypted, i.e. when it's off. When the encrypted filesystem is decrypted and mounted, it's of course fully accessible.

It is fully accessible to the OS that has decrypted it, not automatically to another OS (the baseband OS). The question is how advanced a baseband (or SIM OS) is. Can they actually access the memory from the other OS (like a hypervisor OS could probably access the memory from its guest OSes) or does it simply not have such functionality built in? Would a baseband OS actually have knowledge about filesystems?
Logic would say that the writer of a Baseband OS or SIM OS wouldn't bother to put in such code. On the other hand, paranoia would say that this would be the perfect place for a (mandatory) backdoor. Without having access to the source code we will probably never know (the reverse engineering of Rex OS didn't show anything, but that is also not what reverse engineering would normally uncover).

Reply Parent Score: 2

RE[5]: August 2012
by pepa on Wed 23rd Dec 2015 10:15 in reply to "RE[4]: August 2012"
pepa Member since: 2005-07-08

It would be very interesting to know more about the capabilities of these ring-zero OSes. If stealth access is an objective, I would expect they tap into the client OS. But I agree, that needs to happen, because just accessing the storage would not help.

Reply Parent Score: 3